[Full-disclosure] FLEA-2007-0012-1: madwifi
Foresight Linux Essential Announcement Service
foresight-security-noreply at foresightlinux.org
Mon Apr 23 03:36:05 BST 2007
Foresight Linux Essential Advisory: 2007-0012-1
Published: 2007-04-22
Rating: Moderate
Updated Versions:
madwifi=/drivers.rpath.org at rpl:devel//fl:desktop//foresight.rpath.org at fl:1-devel//1/0.9.3-0.0.0.1-1
group-dist=/foresight.rpath.org at fl:1-devel//1/1.2.1-0.2-1
References:
https://issues.foresightlinux.org/browse/FL-263
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7177
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7179
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7180
Description:
Previous versions of the madwifi package were vulnerable to a number of
Denial-of-Service issues, at least two of which can be exploited to cause a
system crash (kernel oops). In addition, previous versions could be made to send
unencrypted information before authentication finishes when using WPA, an
information leak.
Full-Disclosure is hosted and sponsored by Secunia.